diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 365741e..293c9ee 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -59,6 +59,7 @@ jobs: setup-task: true task-version: '3.50.0' task-retries: '3' + setup-gomplate: true - name: Verify Setup run: | @@ -109,6 +110,9 @@ jobs: echo "Swift SDKs: ${{ steps.test-all.outputs.swift-sdks }}" swift --version echo "::endgroup::" + echo "::group::Verify Gomplate Installation" + gomplate --version + echo "::endgroup::" test-checkout: name: Test Checkout Action @@ -358,3 +362,25 @@ jobs: - name: Verify Task Installation run: | task --version + + test-setup-gomplate: + name: Test Setup Gomplate + runs-on: ubuntu-latest + steps: + - name: Harden Runner + id: harden-runner + uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 + with: + egress-policy: audit + + - name: Checkout Repository + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + + - name: Run Setup Gomplate Action + uses: ./ + with: + setup-gomplate: true + + - name: Verify Gomplate Installation + run: | + gomplate --version diff --git a/README.md b/README.md index 24e670d..33878a2 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ Common steps for initializing a job for GitHub actions. This composite action co - Security hardening with Step Security's Harden Runner - Repository checkout with configurable options - Multi-language support (Node.js, Java, Python, Go, Rust, Swift) -- Build tool setup (Gradle) +- Build tool setup (Gradle, Task, gomplate) - Automatic caching for dependencies and build artifacts ## Usage @@ -109,6 +109,15 @@ Common steps for initializing a job for GitHub actions. This composite action co | task-retries | Number of retries to set up task | No | 3 | | checkout-token | Personal access token (PAT) used to fetch the repository | No | - | +**Gomplate** + +| Input | Description | Required | Default | +|----------------|--------------------------|----------|---------| +| setup-gomplate | Whether to setup gomplate | No | false | + +> [!NOTE] +> `setup-gomplate` currently installs the Linux AMD64 gomplate release artifact. + ### Outputs **Checkout Outputs** diff --git a/action.yml b/action.yml index d5d82ea..3acf8f7 100644 --- a/action.yml +++ b/action.yml @@ -120,6 +120,10 @@ inputs: description: 'Whether to setup Task' required: false default: 'false' + setup-gomplate: + description: 'Whether to setup gomplate' + required: false + default: 'false' task-version: description: 'Task version to use' required: false @@ -393,6 +397,35 @@ runs: repo-token: ${{ inputs.checkout-token }} max-retries: ${{ inputs.task-retries }} + - name: Set Up Gomplate Parameters + id: setup-gomplate-params + if: ${{ inputs.setup-gomplate == 'true' }} + shell: bash + run: | + echo "::group::Setting up gomplate" + echo "Version: v5.0.0" + echo "::endgroup::" + + - name: Install Gomplate + id: setup-gomplate + if: ${{ inputs.setup-gomplate == 'true' }} + shell: bash + run: | + GOMPLATE_VERSION="v5.0.0" + GOMPLATE_RELEASE_URL="https://github.com/hairyhenderson/gomplate/releases/download/${GOMPLATE_VERSION}" + + curl -sSfL "${GOMPLATE_RELEASE_URL}/gomplate_linux-amd64" \ + -o /tmp/gomplate || { echo "Failed to download gomplate binary"; exit 1; } + curl -sSfL "${GOMPLATE_RELEASE_URL}/checksums-${GOMPLATE_VERSION}_sha256.txt" \ + -o /tmp/gomplate_checksums.txt || { echo "Failed to download gomplate checksums"; exit 1; } + EXPECTED_SHA="$(grep 'bin/gomplate_linux-amd64$' /tmp/gomplate_checksums.txt | awk '{print $1}')" + if [ -z "${EXPECTED_SHA}" ]; then + echo "Unable to find checksum for gomplate_linux-amd64" + exit 1 + fi + echo "${EXPECTED_SHA} /tmp/gomplate" | sha256sum -c - || { echo "Gomplate checksum verification failed"; exit 1; } + sudo install -m 755 /tmp/gomplate /usr/local/bin/gomplate + branding: icon: 'arrow-up-right' color: 'green'